diff --git a/civicrm.php b/civicrm.php
index ede12b9f4fb8c85ddda4c7b4693c37cdb52c3ed1..a4dbcfaec30135e5223c6cd9ff78cfa73c4eae80 100644
--- a/civicrm.php
+++ b/civicrm.php
@@ -2,7 +2,7 @@
/**
* Plugin Name: CiviCRM
* Description: CiviCRM - Growing and Sustaining Relationships
- * Version: 5.58.0
+ * Version: 5.58.1
* Requires at least: 4.9
* Requires PHP: 7.3
* Author: CiviCRM LLC
@@ -36,7 +36,7 @@ if (!defined('ABSPATH')) {
}
// Set version here: changing it forces Javascript and CSS to reload.
-define('CIVICRM_PLUGIN_VERSION', '5.58.0');
+define('CIVICRM_PLUGIN_VERSION', '5.58.1');
// Store reference to this file.
if (!defined('CIVICRM_PLUGIN_FILE')) {
diff --git a/civicrm/CRM/Contact/Tokens.php b/civicrm/CRM/Contact/Tokens.php
index 4dc0cc9236f652e3e96151e3ba4ccabd1cf6040c..a99da6faff803afc59afcf883a93e451531dcf33 100644
--- a/civicrm/CRM/Contact/Tokens.php
+++ b/civicrm/CRM/Contact/Tokens.php
@@ -397,14 +397,17 @@ class CRM_Contact_Tokens extends CRM_Core_EntityTokens {
foreach ($metadata as $field) {
if ($entity === 'website') {
// It's not the primary - it's 'just one of them' - so the name is _first not _primary
+ $field['name'] = 'website_first.' . $field['name'];
$this->addFieldToTokenMetadata($tokensMetadata, $field, $exposedFields, 'website_first');
}
else {
+ $field['name'] = $entity . '_primary.' . $field['name'];
$this->addFieldToTokenMetadata($tokensMetadata, $field, $exposedFields, $entity . '_primary');
$field['label'] .= ' (' . ts('Billing') . ')';
// Set audience to sysadmin in case adding them to UI annoys people. If people ask to see this
// in the UI we could set to 'user'.
$field['audience'] = 'sysadmin';
+ $field['name'] = $entity . '_billing.' . $field['name'];
$this->addFieldToTokenMetadata($tokensMetadata, $field, $exposedFields, $entity . '_billing');
}
}
@@ -453,13 +456,11 @@ class CRM_Contact_Tokens extends CRM_Core_EntityTokens {
if ($fieldSpec['table_name'] === 'civicrm_website') {
$tableAlias = 'website_first';
$joins[$tableAlias] = $fieldSpec['entity'];
- $prefix = $tableAlias . '.';
}
if ($fieldSpec['table_name'] === 'civicrm_openid') {
// We could start to deprecate this one maybe..... I've made it un-advertised.
$tableAlias = 'openid_primary';
$joins[$tableAlias] = $fieldSpec['entity'];
- $prefix = $tableAlias . '.';
}
if ($fieldSpec['type'] === 'Custom') {
$customFields['custom_' . $fieldSpec['custom_field_id']] = $fieldSpec['name'];
diff --git a/civicrm/CRM/Contribute/Form/Task/Invoice.php b/civicrm/CRM/Contribute/Form/Task/Invoice.php
index c2beedce0fd3944f91c11d4b8d8751c6f420ce2b..c67b0a10ff830b70be9f92628e99bbe59c4d7083 100644
--- a/civicrm/CRM/Contribute/Form/Task/Invoice.php
+++ b/civicrm/CRM/Contribute/Form/Task/Invoice.php
@@ -233,10 +233,9 @@ class CRM_Contribute_Form_Task_Invoice extends CRM_Contribute_Form_Task {
$refundedStatusId = CRM_Utils_Array::key('Refunded', $contributionStatusID);
$cancelledStatusId = CRM_Utils_Array::key('Cancelled', $contributionStatusID);
$pendingStatusId = CRM_Utils_Array::key('Pending', $contributionStatusID);
- $pdfFormat = CRM_Core_BAO_PdfFormat::getByName('default_invoice_pdf_format');
-
+ $pdfFormat = CRM_Core_BAO_MessageTemplate::getPDFFormatForTemplate('contribution_invoice_receipt');
foreach ($elementDetails as $contributionID => $detail) {
- $input = $ids = [];
+ $input = [];
if (in_array($detail['contact'], $excludedContactIDs)) {
continue;
}
diff --git a/civicrm/CRM/Core/BAO/MessageTemplate.php b/civicrm/CRM/Core/BAO/MessageTemplate.php
index bdb9a9d644b57c19f3bd903bb644dfda23eab4ac..12fe6914c7dc560eb627a97cd1082baedfd3905d 100644
--- a/civicrm/CRM/Core/BAO/MessageTemplate.php
+++ b/civicrm/CRM/Core/BAO/MessageTemplate.php
@@ -203,7 +203,7 @@ class CRM_Core_BAO_MessageTemplate extends CRM_Core_DAO_MessageTemplate implemen
*/
public static function getMessageTemplates($all = TRUE, $isSMS = FALSE) {
- $messageTemplates = \Civi\Api4\MessageTemplate::get()
+ $messageTemplates = MessageTemplate::get()
->addSelect('id', 'msg_title')
->addWhere('is_active', '=', TRUE)
->addWhere('is_sms', '=', $isSMS);
@@ -218,6 +218,24 @@ class CRM_Core_BAO_MessageTemplate extends CRM_Core_DAO_MessageTemplate implemen
return $msgTpls;
}
+ /**
+ * Get the appropriate pdf format for the given template.
+ *
+ * @param string $workflow
+ *
+ * @return array
+ * @throws \CRM_Core_Exception
+ */
+ public static function getPDFFormatForTemplate(string $workflow): array {
+ $pdfFormatID = MessageTemplate::get(FALSE)
+ ->addWhere('workflow_name', '=', $workflow)
+ ->addSelect('pdf_format_id')
+ ->execute()->first()['pdf_format_id'] ?? 0;
+ // Get by ID will fall back to retrieving the default values if
+ // it does not find the appropriate ones - hence passing in 0 works.
+ return CRM_Core_BAO_PdfFormat::getById($pdfFormatID);
+ }
+
/**
* Revert a message template to its default subject+text+HTML state.
*
diff --git a/civicrm/CRM/Core/BAO/PdfFormat.php b/civicrm/CRM/Core/BAO/PdfFormat.php
index cfe2ebfb0116d7cbe1209e4ccc8fc0c7798832dc..0113ec6224c045e19cc9e8c7bb6be9946fab5d62 100644
--- a/civicrm/CRM/Core/BAO/PdfFormat.php
+++ b/civicrm/CRM/Core/BAO/PdfFormat.php
@@ -230,6 +230,7 @@ class CRM_Core_BAO_PdfFormat extends CRM_Core_DAO_OptionValue {
* (reference) associative array of name/value pairs
*/
public static function &getByName($name) {
+ CRM_Core_Error::deprecatedFunctionWarning('none');
return self::getPdfFormat('name', $name);
}
diff --git a/civicrm/CRM/Core/EntityTokens.php b/civicrm/CRM/Core/EntityTokens.php
index af3ba17efd7b3d8736e43a6053f080d7fd30c4bb..9672f08c1407003dd05564242698f893a31d3d36 100644
--- a/civicrm/CRM/Core/EntityTokens.php
+++ b/civicrm/CRM/Core/EntityTokens.php
@@ -611,7 +611,8 @@ class CRM_Core_EntityTokens extends AbstractTokenSubscriber {
* @param string $prefix
*/
protected function addFieldToTokenMetadata(array &$tokensMetadata, array $field, array $exposedFields, string $prefix = ''): void {
- if ($field['type'] !== 'Custom' && !in_array($field['name'], $exposedFields, TRUE)) {
+ $isExposed = in_array(str_replace($prefix . '.', '', $field['name']), $exposedFields, TRUE);
+ if ($field['type'] !== 'Custom' && !$isExposed) {
return;
}
$field['audience'] = $field['audience'] ?? 'user';
@@ -635,8 +636,9 @@ class CRM_Core_EntityTokens extends AbstractTokenSubscriber {
$tokensMetadata[$tokenName] = $field;
return;
}
- $tokenName = $prefix ? ($prefix . '.' . $field['name']) : $field['name'];
- if (in_array($field['name'], $exposedFields, TRUE)) {
+ $tokenName = $field['name'];
+ // Presumably this line can not be reached unless isExposed = TRUE.
+ if ($isExposed) {
if (
($field['options'] || !empty($field['suffixes']))
// At the time of writing currency didn't have a label option - this may have changed.
diff --git a/civicrm/CRM/Event/Form/ManageEvent/Registration.php b/civicrm/CRM/Event/Form/ManageEvent/Registration.php
index babb08cc9fa97f40ae5a23d7113285322fd2ea59..4a76047396add3944ec26e3d9c34ba3b385fc83d 100644
--- a/civicrm/CRM/Event/Form/ManageEvent/Registration.php
+++ b/civicrm/CRM/Event/Form/ManageEvent/Registration.php
@@ -444,7 +444,8 @@ class CRM_Event_Form_ManageEvent_Registration extends CRM_Event_Form_ManageEvent
if (($values['registration_link_text'] ?? '') === '') {
$errorMsg['registration_link_text'] = ts('Please enter Registration Link Text');
}
- if (($values['confirm_title'] ?? '') === '') {
+ // Check if the confirm text is set if we have enabled the confirmation page or page is monetary which forces the confirm page.
+ if (($values['confirm_title'] ?? '') === '' && (!empty($values['is_confirm_enabled']) || CRM_Core_DAO::getFieldValue('CRM_Event_DAO_Event', $form->_id, 'is_monetary'))) {
$errorMsg['confirm_title'] = ts('Please enter a Title for the registration Confirmation Page');
}
if (($values['thankyou_title'] ?? '') === '') {
diff --git a/civicrm/CRM/Extension/ClassLoader.php b/civicrm/CRM/Extension/ClassLoader.php
index 9ca81638bff8dd7567cb4213da68e7be7913c77b..7f84b083a955c9e7c667507371ee5833e18410cd 100644
--- a/civicrm/CRM/Extension/ClassLoader.php
+++ b/civicrm/CRM/Extension/ClassLoader.php
@@ -179,7 +179,12 @@ class CRM_Extension_ClassLoader {
* @return string
*/
protected function getCacheFile() {
- $envId = \CRM_Core_Config_Runtime::getId();
+ $envId = md5(implode(',', array_merge(
+ [\CRM_Core_Config_Runtime::getId()],
+ array_column($this->mapper->getActiveModuleFiles(), 'prefix')
+ // dev/core#4055 - When toggling ext's on systems with opcode caching, you may get stale reads for a moment.
+ // New cache key ensures new data-set.
+ )));
$file = \Civi::paths()->getPath("[civicrm.compile]/CachedExtLoader.{$envId}.php");
return $file;
}
diff --git a/civicrm/CRM/Report/Form.php b/civicrm/CRM/Report/Form.php
index 37a08a2e418dd86b44256ba4ab0227b0af6f5c7e..432d3f1ed2297a9853c34389e9fd150506b99edd 100644
--- a/civicrm/CRM/Report/Form.php
+++ b/civicrm/CRM/Report/Form.php
@@ -3770,14 +3770,18 @@ WHERE cg.extends IN ('" . implode("','", $this->_customGroupExtends) . "') AND
}
CRM_Contact_BAO_GroupContactCache::check($smartGroups);
-
+ $aclFilter = NULL;
+ $selectWhereClauses = array_filter(CRM_Contact_BAO_Group::getSelectWhereClause('group'));
+ $aclFilter = implode(' AND ', $selectWhereClauses);
+ $aclFilter = !empty($aclFilter) ? ' AND ' . $aclFilter : '';
$smartGroupQuery = '';
if (!empty($smartGroups)) {
$smartGroups = implode(',', $smartGroups);
$smartGroupQuery = " UNION DISTINCT
SELECT DISTINCT smartgroup_contact.contact_id
FROM civicrm_group_contact_cache smartgroup_contact
- WHERE smartgroup_contact.group_id IN ({$smartGroups}) ";
+ INNER JOIN `civicrm_group` AS `group` ON `group`.id = smartgroup_contact.group_id
+ WHERE smartgroup_contact.group_id IN ({$smartGroups}) {$aclFilter}";
}
$sqlOp = $this->getSQLOperator($op);
@@ -3796,7 +3800,8 @@ WHERE cg.extends IN ('" . implode("','", $this->_customGroupExtends) . "') AND
return " {$contactAlias}.id {$sqlOp} (
SELECT DISTINCT {$this->_aliases['civicrm_group']}.contact_id
FROM civicrm_group_contact {$this->_aliases['civicrm_group']}
- WHERE {$clause} AND {$this->_aliases['civicrm_group']}.status = 'Added'
+ INNER JOIN `civicrm_group` AS `group` ON `group`.id = {$this->_aliases['civicrm_group']}.group_id
+ WHERE {$clause} AND {$this->_aliases['civicrm_group']}.status = 'Added' {$aclFilter}
{$smartGroupQuery} ) ";
}
@@ -3950,6 +3955,10 @@ WHERE cg.extends IN ('" . implode("','", $this->_customGroupExtends) . "') AND
$ret = [];
foreach ($this->selectedTables() as $tableName) {
$baoName = str_replace('_DAO_', '_BAO_', (CRM_Core_DAO_AllCoreTables::getClassForTable($tableName) ?? ''));
+ // Do not include CiviCRM group add Select Where clause because we don't necessarily join here for reports with optimisedGroupFilters
+ if ($baoName === 'CRM_Contact_BAO_Group') {
+ continue;
+ }
if ($baoName && class_exists($baoName) && !empty($this->_columns[$tableName]['alias'])) {
$tableAlias = $this->_columns[$tableName]['alias'];
$clauses = array_filter($baoName::getSelectWhereClause($tableAlias));
diff --git a/civicrm/CRM/Utils/Check/Component/Timestamps.php b/civicrm/CRM/Utils/Check/Component/Timestamps.php
index 0514ee4ca8c30db30973abd387b7f79827c8149a..c2240cf1793496e2356d55135800936916ec9a97 100644
--- a/civicrm/CRM/Utils/Check/Component/Timestamps.php
+++ b/civicrm/CRM/Utils/Check/Component/Timestamps.php
@@ -58,7 +58,7 @@ class CRM_Utils_Check_Component_Timestamps extends CRM_Utils_Check_Component {
1 => 'target="_blank" href="https://dev.mysql.com/doc/refman/8.0/en/mysql-tzinfo-to-sql.html"',
]),
ts('MySQL Timezone Problem'),
- \Psr\Log\LogLevel::WARNING,
+ \Psr\Log\LogLevel::NOTICE,
'fa-clock-o'
);
}
diff --git a/civicrm/CRM/Utils/File.php b/civicrm/CRM/Utils/File.php
index bc882aa8f44fd0e3ff2a9435bcf2bfba569f1442..a822f32c6f0393f2ad230334f8c8e9c9db89fad6 100644
--- a/civicrm/CRM/Utils/File.php
+++ b/civicrm/CRM/Utils/File.php
@@ -352,8 +352,7 @@ class CRM_Utils_File {
* @return bool
*/
public static function isExtensionSafe($ext) {
- static $extensions = NULL;
- if (!$extensions) {
+ if (!isset(Civi::$statics[__CLASS__]['file_extensions'])) {
$extensions = CRM_Core_OptionGroup::values('safe_file_extension', TRUE);
// make extensions to lowercase
@@ -370,9 +369,11 @@ class CRM_Utils_File {
unset($extensions['html']);
unset($extensions['htm']);
}
+ Civi::$statics[__CLASS__]['file_extensions'] = $extensions;
}
+ $restricted = CRM_Utils_Constant::value('CIVICRM_RESTRICTED_UPLOADS', '/(php|php\d|phtml|phar|pl|py|cgi|asp|js|sh|exe|pcgi\d)/i');
// support lower and uppercase file extensions
- return (bool) isset($extensions[strtolower($ext)]);
+ return (bool) isset(Civi::$statics[__CLASS__]['file_extensions'][strtolower($ext)]) && !preg_match($restricted, strtolower($ext));
}
/**
diff --git a/civicrm/Civi/Test/CiviTestListener.php b/civicrm/Civi/Test/CiviTestListener.php
index 6e3b4cdc08c9d5561d64384eef4f9f40de528516..fbd6fd88785a48eff21bb134cc5a75b92152e64c 100644
--- a/civicrm/Civi/Test/CiviTestListener.php
+++ b/civicrm/Civi/Test/CiviTestListener.php
@@ -121,6 +121,7 @@ else {
\CRM_Core_Session::singleton()->set('userID', NULL);
// ugh, performance
$config = \CRM_Core_Config::singleton(TRUE, TRUE);
+ $config->userSystem->setMySQLTimeZone();
if (property_exists($config->userPermissionClass, 'permissions')) {
$config->userPermissionClass->permissions = NULL;
diff --git a/civicrm/Civi/Test/CiviTestListenerPHPUnit7.php b/civicrm/Civi/Test/CiviTestListenerPHPUnit7.php
index 8b4b9af92ed3150a2e6ac20372db367347f0fdc4..c29c572e817ec11b75004ccb9da15b9da93001ce 100644
--- a/civicrm/Civi/Test/CiviTestListenerPHPUnit7.php
+++ b/civicrm/Civi/Test/CiviTestListenerPHPUnit7.php
@@ -114,6 +114,7 @@ class CiviTestListenerPHPUnit7 implements \PHPUnit\Framework\TestListener {
\CRM_Core_Session::singleton()->set('userID', NULL);
// ugh, performance
$config = \CRM_Core_Config::singleton(TRUE, TRUE);
+ $config->userSystem->setMySQLTimeZone();
if (property_exists($config->userPermissionClass, 'permissions')) {
$config->userPermissionClass->permissions = NULL;
diff --git a/civicrm/Civi/Test/Legacy/CiviTestListener.php b/civicrm/Civi/Test/Legacy/CiviTestListener.php
index 93fb4ac8fb830a28d480d66171bffad9e37f8576..4889da722b90cba322a2ffdda2e384cd4f481238 100644
--- a/civicrm/Civi/Test/Legacy/CiviTestListener.php
+++ b/civicrm/Civi/Test/Legacy/CiviTestListener.php
@@ -111,6 +111,7 @@ class CiviTestListener extends \PHPUnit_Framework_BaseTestListener {
\CRM_Core_Session::singleton()->set('userID', NULL);
// ugh, performance
$config = \CRM_Core_Config::singleton(TRUE, TRUE);
+ $config->userSystem->setMySQLTimeZone();
if (property_exists($config->userPermissionClass, 'permissions')) {
$config->userPermissionClass->permissions = NULL;
diff --git a/civicrm/civicrm-version.php b/civicrm/civicrm-version.php
index 9f43a6eb58adb288807aaf0ef497f8bd92a6938e..0622fa7f4d5a7ae468789e2a4282138513b13b83 100644
--- a/civicrm/civicrm-version.php
+++ b/civicrm/civicrm-version.php
@@ -1,7 +1,7 @@
<?php
/** @deprecated */
function civicrmVersion( ) {
- return array( 'version' => '5.58.0',
+ return array( 'version' => '5.58.1',
'cms' => 'Wordpress',
'revision' => '' );
}
diff --git a/civicrm/composer.lock b/civicrm/composer.lock
index a7dada33e2fccd9f97842681ec116e9346ad4b1e..13078911faf5ccffb41a6d9a1f4ee48fd521be22 100644
--- a/civicrm/composer.lock
+++ b/civicrm/composer.lock
@@ -612,16 +612,16 @@
},
{
"name": "dompdf/dompdf",
- "version": "v2.0.2",
+ "version": "v2.0.3",
"source": {
"type": "git",
"url": "https://github.com/dompdf/dompdf.git",
- "reference": "ad4c631bf8897fc1ca7b566468a969cfd71a558a"
+ "reference": "e8d2d5e37e8b0b30f0732a011295ab80680d7e85"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/dompdf/dompdf/zipball/ad4c631bf8897fc1ca7b566468a969cfd71a558a",
- "reference": "ad4c631bf8897fc1ca7b566468a969cfd71a558a",
+ "url": "https://api.github.com/repos/dompdf/dompdf/zipball/e8d2d5e37e8b0b30f0732a011295ab80680d7e85",
+ "reference": "e8d2d5e37e8b0b30f0732a011295ab80680d7e85",
"shasum": ""
},
"require": {
@@ -668,9 +668,9 @@
"homepage": "https://github.com/dompdf/dompdf",
"support": {
"issues": "https://github.com/dompdf/dompdf/issues",
- "source": "https://github.com/dompdf/dompdf/tree/v2.0.2"
+ "source": "https://github.com/dompdf/dompdf/tree/v2.0.3"
},
- "time": "2023-01-31T13:30:40+00:00"
+ "time": "2023-02-07T12:51:48+00:00"
},
{
"name": "ezyang/htmlpurifier",
diff --git a/civicrm/ext/afform/admin/info.xml b/civicrm/ext/afform/admin/info.xml
index b1fc0efe10a79308e9c6b5fd7497329588db4fd8..31c7ec80acfb0e7debe184776e8bb5aaf2cbdef7 100644
--- a/civicrm/ext/afform/admin/info.xml
+++ b/civicrm/ext/afform/admin/info.xml
@@ -13,7 +13,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-01-09</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>beta</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/afform/core/info.xml b/civicrm/ext/afform/core/info.xml
index e8247b5e43046e43fa7dd3eaccf732576b2f9322..38db7d63bcf739dae09cf9333369da3dd5c1daa8 100644
--- a/civicrm/ext/afform/core/info.xml
+++ b/civicrm/ext/afform/core/info.xml
@@ -13,7 +13,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-01-09</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>beta</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/afform/html/info.xml b/civicrm/ext/afform/html/info.xml
index 38c79d2e1ba44a3cb26bc529272b632d09a8a162..b4852505eb7c7b9e8d74adcb8b8248ac6a3ac37c 100644
--- a/civicrm/ext/afform/html/info.xml
+++ b/civicrm/ext/afform/html/info.xml
@@ -13,7 +13,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-01-09</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>alpha</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/afform/mock/info.xml b/civicrm/ext/afform/mock/info.xml
index 15cc1c62ccb8f25961a36e93d54c450d4385d3bb..1801f0ad37c0cf111fb22128d40520eb51a13b98 100644
--- a/civicrm/ext/afform/mock/info.xml
+++ b/civicrm/ext/afform/mock/info.xml
@@ -12,7 +12,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-01-09</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<tags>
<tag>mgmt:hidden</tag>
</tags>
diff --git a/civicrm/ext/authx/info.xml b/civicrm/ext/authx/info.xml
index b33d350433656e61546ef28c51640128afd3a716..47b654cd16d052f864e28e265d002adf7943ad1b 100644
--- a/civicrm/ext/authx/info.xml
+++ b/civicrm/ext/authx/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2021-02-11</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/civicrm_admin_ui/info.xml b/civicrm/ext/civicrm_admin_ui/info.xml
index 824a80e0550e95dc20f0d61d787751b7d8109bbd..6aeef831e47bd58aefe41a08b042dd67c17bdc2b 100644
--- a/civicrm/ext/civicrm_admin_ui/info.xml
+++ b/civicrm/ext/civicrm_admin_ui/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2022-01-02</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>alpha</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/civigrant/info.xml b/civicrm/ext/civigrant/info.xml
index 02faef117e6a235c5978a199011a72b4778826a2..1545bb490526997514bc1f4b714967a0569ccc7c 100644
--- a/civicrm/ext/civigrant/info.xml
+++ b/civicrm/ext/civigrant/info.xml
@@ -13,7 +13,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2021-11-11</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/civiimport/info.xml b/civicrm/ext/civiimport/info.xml
index a14b4566de5174855bba87a35047eb9219ce4259..877c1b2b0344688095a24d56553557a8c9b57547 100644
--- a/civicrm/ext/civiimport/info.xml
+++ b/civicrm/ext/civiimport/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2022-08-11</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>alpha</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/ckeditor4/info.xml b/civicrm/ext/ckeditor4/info.xml
index f8b075b3325ebe5ed8b2ad96be73996febf35aaf..2fe1dd6c96278038924e8d8f428f00a5c8496dc2 100644
--- a/civicrm/ext/ckeditor4/info.xml
+++ b/civicrm/ext/ckeditor4/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">https://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2021-05-23</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/contributioncancelactions/info.xml b/civicrm/ext/contributioncancelactions/info.xml
index a93b4514a501a5cfc0622c278990b981d79b6d1d..f3b7ea1fd15fb614592f426cf26eccbf8693985f 100644
--- a/civicrm/ext/contributioncancelactions/info.xml
+++ b/civicrm/ext/contributioncancelactions/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-10-12</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/elavon/info.xml b/civicrm/ext/elavon/info.xml
index d97c229a399a7c06e27426e776bc888fd39d6a3e..4477e1f0430af0683771a0a2260ef132751917ee 100644
--- a/civicrm/ext/elavon/info.xml
+++ b/civicrm/ext/elavon/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2022-08-05</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/eventcart/info.xml b/civicrm/ext/eventcart/info.xml
index b675a63654640543c64ff2f5ee4d1966d70aca39..b84e15f03727292d3563c3c7c8eca74b6edf8ac3 100644
--- a/civicrm/ext/eventcart/info.xml
+++ b/civicrm/ext/eventcart/info.xml
@@ -13,7 +13,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-08-03</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<tags>
<tag>mgmt:hidden</tag>
</tags>
diff --git a/civicrm/ext/ewaysingle/info.xml b/civicrm/ext/ewaysingle/info.xml
index 6c5d857922f9a9079439372df781aaaf50c1fc07..e5fac2c140f3d2d6491eb8eeb649d95697d63d59 100644
--- a/civicrm/ext/ewaysingle/info.xml
+++ b/civicrm/ext/ewaysingle/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-10-07</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<tags>
<tag>mgmt:hidden</tag>
</tags>
diff --git a/civicrm/ext/financialacls/info.xml b/civicrm/ext/financialacls/info.xml
index 65029056bba9d7ed1cb329da4eeaa4703c25b2f4..47ce98a29a2407810a9d068ceede11116af83c63 100644
--- a/civicrm/ext/financialacls/info.xml
+++ b/civicrm/ext/financialacls/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-08-27</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/flexmailer/info.xml b/civicrm/ext/flexmailer/info.xml
index 6a0f469e4e0c0a16189d88ddd0da1d4e9cf85148..7a71dddabf4a07a98a15c8b11a34452c236597ec 100644
--- a/civicrm/ext/flexmailer/info.xml
+++ b/civicrm/ext/flexmailer/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-08-05</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<comments>
FlexMailer is an email delivery engine which replaces the internal guts
diff --git a/civicrm/ext/greenwich/info.xml b/civicrm/ext/greenwich/info.xml
index e063c2102d519ca66809623f0b635cf94c89a450..c98060aa5b39baf718d9de0db63928fbe67831fd 100644
--- a/civicrm/ext/greenwich/info.xml
+++ b/civicrm/ext/greenwich/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-07-21</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<tags>
<tag>mgmt:hidden</tag>
</tags>
diff --git a/civicrm/ext/legacycustomsearches/info.xml b/civicrm/ext/legacycustomsearches/info.xml
index fd2c926acf1bb8542abe1aa712b46e83e8806c05..59ee823f8c4860ba6a76f2a7465eb2e94c5c50d1 100644
--- a/civicrm/ext/legacycustomsearches/info.xml
+++ b/civicrm/ext/legacycustomsearches/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2021-07-25</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<tags>
<tag>mgmt:hidden</tag>
diff --git a/civicrm/ext/message_admin/info.xml b/civicrm/ext/message_admin/info.xml
index 59bf012b17f0a5691aca4662e13e3c636cc7ae8b..a8e835b4a0ea2a969a502c0a986ce910d7b722e9 100644
--- a/civicrm/ext/message_admin/info.xml
+++ b/civicrm/ext/message_admin/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2021-06-12</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>alpha</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/oauth-client/info.xml b/civicrm/ext/oauth-client/info.xml
index aa0093af195baaf96d6e885b436b86f8899598d6..e5063c1c3bc0f434339ecd42435779a758ef8f79 100644
--- a/civicrm/ext/oauth-client/info.xml
+++ b/civicrm/ext/oauth-client/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-10-23</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/payflowpro/info.xml b/civicrm/ext/payflowpro/info.xml
index a2ce72e813b458d4cace69f5e9c79cee5b64ec0b..00b3b400ec32da978f68f3d82d5e1449f77619a4 100644
--- a/civicrm/ext/payflowpro/info.xml
+++ b/civicrm/ext/payflowpro/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2021-04-13</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<compatibility>
<ver>5.58</ver>
diff --git a/civicrm/ext/recaptcha/info.xml b/civicrm/ext/recaptcha/info.xml
index 4595946a29ab5d0fc9737ac3cbf1cd5a9085dcfd..ef978c7f7a260990bdbbab00316460474834b1c0 100644
--- a/civicrm/ext/recaptcha/info.xml
+++ b/civicrm/ext/recaptcha/info.xml
@@ -13,7 +13,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2021-04-03</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<tags>
<tag>mgmt:hidden</tag>
</tags>
diff --git a/civicrm/ext/search_kit/info.xml b/civicrm/ext/search_kit/info.xml
index 45d85fb36cc52e27501c9859b234805271f83107..ebab5ba583ff54cbad4326a901228290cf7ed26d 100644
--- a/civicrm/ext/search_kit/info.xml
+++ b/civicrm/ext/search_kit/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2021-01-06</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<develStage>stable</develStage>
<tags>
<tag>mgmt:required</tag>
diff --git a/civicrm/ext/sequentialcreditnotes/info.xml b/civicrm/ext/sequentialcreditnotes/info.xml
index 86f8b93090eeff3519ddf274091149fda3e2e41b..5ed5ee2a77c1a41d9e05819126ab31e516cc4125 100644
--- a/civicrm/ext/sequentialcreditnotes/info.xml
+++ b/civicrm/ext/sequentialcreditnotes/info.xml
@@ -15,7 +15,7 @@
<url desc="Licensing">http://www.gnu.org/licenses/agpl-3.0.html</url>
</urls>
<releaseDate>2020-01-28</releaseDate>
- <version>5.58.0</version>
+ <version>5.58.1</version>
<tags>
<tag>mgmt:hidden</tag>
</tags>
diff --git a/civicrm/release-notes.md b/civicrm/release-notes.md
index 36908d4d8d96aaaaf68e4231e853a0439a552b12..e154f374200dde18d4c9496eeeae826b5beac462 100644
--- a/civicrm/release-notes.md
+++ b/civicrm/release-notes.md
@@ -15,6 +15,16 @@ Other resources for identifying changes are:
* https://github.com/civicrm/civicrm-joomla
* https://github.com/civicrm/civicrm-wordpress
+## CiviCRM 5.58.1
+
+Released February 15, 2023
+
+- **[Synopsis](release-notes/5.58.1.md#synopsis)**
+- **[Security advisories](release-notes/5.58.1.md#security)**
+- **[Bugs resolved](release-notes/5.58.1.md#bugs)**
+- **[Credits](release-notes/5.58.1.md#credits)**
+- **[Feedback](release-notes/5.58.1.md#feedback)**
+
## CiviCRM 5.58.0
Released February 1, 2023
diff --git a/civicrm/release-notes/5.58.1.md b/civicrm/release-notes/5.58.1.md
new file mode 100644
index 0000000000000000000000000000000000000000..db065998ce431a70a92ebd7b296bec466d83af82
--- /dev/null
+++ b/civicrm/release-notes/5.58.1.md
@@ -0,0 +1,53 @@
+# CiviCRM 5.58.1
+
+Released February 15, 2023
+
+- **[Synopsis](#synopsis)**
+- **[Security advisories](#security)**
+- **[Bugs resolved](#bugs)**
+- **[Credits](#credits)**
+- **[Feedback](#feedback)**
+
+## <a name="synopsis"></a>Synopsis
+
+| *Does this version...?* | |
+| --------------------------------------------------------------- | -------- |
+| Change the database schema? | no |
+| Alter the API? | no |
+| Require attention to configuration options? | no |
+| Fix problems installing or upgrading to a previous version? | no |
+| Introduce features? | no |
+| **Fix bugs?** | **yes** |
+| **Fix security vulnerabilities?** | **yes** |
+
+## <a name="security"></a>Security advisories
+
+* **[CIVI-SA-2023-04](https://civicrm.org/advisory/civi-sa-2023-04-file-type-restrictions): File Type Restrictions**
+* **[CIVI-SA-2023-05](https://civicrm.org/advisory/civi-sa-2023-05-quick-add-xss): Quick Add XSS (WordPress)**
+* **[CIVI-SA-2023-06](https://civicrm.org/advisory/civi-sa-2023-06-dompdf-203): Dompdf 2.0.3 RCE**
+
+## <a name="bugs"></a>Bugs resolved
+
+* **_CiviContribute_: PDF invoice renders with incorrect formatting ([dev/core#4080](https://lab.civicrm.org/dev/core/-/issues/4080): [#25547](https://github.com/civicrm/civicrm-core/pull/25547))**
+* **_CiviEvent_: Excessive validation of title field ([dev/core#4119](https://lab.civicrm.org/dev/core/-/issues/4119): [#25578](https://github.com/civicrm/civicrm-core/pull/25578))**
+* **_CiviReports_: Error "no such field" when displaying to limited-access user ([dev/core#4068](https://lab.civicrm.org/dev/core/-/issues/4068): [#25525](https://github.com/civicrm/civicrm-core/pull/25525))**
+* **_Extensions_: During installation, new classes may not initially load ([dev/core#4055](https://lab.civicrm.org/dev/core/-/issues/4055): [#25379](https://github.com/civicrm/civicrm-core/pull/25379))**
+* **_Status Check_: Tweak severity of new timezone warning ([#25583](https://github.com/civicrm/civicrm-core/pull/25583/))**
+* **_Testing_: Headless tests should initialize timezone ([#25534](https://github.com/civicrm/civicrm-core/pull/25534))**
+* **_Tokens_: Tokens like `{contact.email_primary.email}` do not render consistently ([dev/core#4109](https://lab.civicrm.org/dev/core/-/issues/4109): [#25548](https://github.com/civicrm/civicrm-core/pull/25548/))**
+
+## <a name="credits"></a>Credits
+
+This release was developed by the following authors and reviewers:
+
+Wikimedia Foundation - Eileen McNaughton; timinaust; Tadpole Collective - Kevin Cristiano;
+Megaphone Technology Consulting - Jon Goldberg; Maria; JMA Consulting - Seamus Lee;
+Deloitte - Andrea Intilangelo; Dave D; CiviDesk - Yashodha Chaku; CiviCRM - Tim Otten;
+CiviCoop - Klaas Eikelboom, Erik Hommel; Circle Interactive - Pradeep Nayak; Bob Silvern;
+ben_fairless; Australian Greens - Andrew Cormick-Dockery
+
+## <a name="feedback"></a>Feedback
+
+These release notes are edited by Tim Otten and Andie Hunt. If you'd like to
+provide feedback on them, please login to https://chat.civicrm.org/civicrm and
+contact `@agh1`.
diff --git a/civicrm/sql/civicrm_data.mysql b/civicrm/sql/civicrm_data.mysql
index 2dfca6f7c6a816d701244b3a5c8967cca087851d..aaf3e966332d3cc4c006b054dd3dd094855efb2e 100644
--- a/civicrm/sql/civicrm_data.mysql
+++ b/civicrm/sql/civicrm_data.mysql
@@ -23665,4 +23665,4 @@ INSERT INTO `civicrm_report_instance`
( `domain_id`, `title`, `report_id`, `description`, `permission`, `form_values`)
VALUES
( @domainID, 'Survey Details', 'survey/detail', 'Detailed report for canvassing, phone-banking, walk lists or other surveys.', 'access CiviReport', 'a:39:{s:6:"fields";a:2:{s:9:"sort_name";s:1:"1";s:6:"result";s:1:"1";}s:22:"assignee_contact_id_op";s:2:"eq";s:25:"assignee_contact_id_value";s:0:"";s:12:"sort_name_op";s:3:"has";s:15:"sort_name_value";s:0:"";s:17:"street_number_min";s:0:"";s:17:"street_number_max";s:0:"";s:16:"street_number_op";s:3:"lte";s:19:"street_number_value";s:0:"";s:14:"street_name_op";s:3:"has";s:17:"street_name_value";s:0:"";s:15:"postal_code_min";s:0:"";s:15:"postal_code_max";s:0:"";s:14:"postal_code_op";s:3:"lte";s:17:"postal_code_value";s:0:"";s:7:"city_op";s:3:"has";s:10:"city_value";s:0:"";s:20:"state_province_id_op";s:2:"in";s:23:"state_province_id_value";a:0:{}s:13:"country_id_op";s:2:"in";s:16:"country_id_value";a:0:{}s:12:"survey_id_op";s:2:"in";s:15:"survey_id_value";a:0:{}s:12:"status_id_op";s:2:"eq";s:15:"status_id_value";s:1:"1";s:11:"custom_1_op";s:2:"in";s:14:"custom_1_value";a:0:{}s:11:"custom_2_op";s:2:"in";s:14:"custom_2_value";a:0:{}s:17:"custom_3_relative";s:1:"0";s:13:"custom_3_from";s:0:"";s:11:"custom_3_to";s:0:"";s:11:"description";s:75:"Detailed report for canvassing, phone-banking, walk lists or other surveys.";s:13:"email_subject";s:0:"";s:8:"email_to";s:0:"";s:8:"email_cc";s:0:"";s:10:"permission";s:17:"access CiviReport";s:6:"groups";s:0:"";s:9:"domain_id";i:1;}');
-UPDATE civicrm_domain SET version = '5.58.0';
+UPDATE civicrm_domain SET version = '5.58.1';
diff --git a/civicrm/sql/civicrm_generated.mysql b/civicrm/sql/civicrm_generated.mysql
index 9804f8dbc17b453a882bcb5cb9dacbccce3b03f9..83764dab85c0e8b5c5a9833815036d144033eb73 100644
--- a/civicrm/sql/civicrm_generated.mysql
+++ b/civicrm/sql/civicrm_generated.mysql
@@ -3056,7 +3056,7 @@ UNLOCK TABLES;
LOCK TABLES `civicrm_domain` WRITE;
/*!40000 ALTER TABLE `civicrm_domain` DISABLE KEYS */;
INSERT INTO `civicrm_domain` (`id`, `name`, `description`, `version`, `contact_id`, `locales`, `locale_custom_strings`) VALUES
- (1,'Default Domain Name',NULL,'5.58.0',1,NULL,'a:1:{s:5:\"en_US\";a:0:{}}');
+ (1,'Default Domain Name',NULL,'5.58.1',1,NULL,'a:1:{s:5:\"en_US\";a:0:{}}');
/*!40000 ALTER TABLE `civicrm_domain` ENABLE KEYS */;
UNLOCK TABLES;
diff --git a/civicrm/vendor/autoload.php b/civicrm/vendor/autoload.php
index 06c26c107e118996abea3fe25afbfc73d5f62849..88d7f9c244dd82864ab0572789549e058141fbe3 100644
--- a/civicrm/vendor/autoload.php
+++ b/civicrm/vendor/autoload.php
@@ -4,4 +4,4 @@
require_once __DIR__ . '/composer/autoload_real.php';
-return ComposerAutoloaderInit0a6d5998695b3b88d8c91af1ab91d6ad::getLoader();
+return ComposerAutoloaderInit9f9955bf8d90b6eb142de17e7c9fca9f::getLoader();
diff --git a/civicrm/vendor/composer/autoload_real.php b/civicrm/vendor/composer/autoload_real.php
index 7b36999685839eaafabc8edf29914845213d1172..af7d58b02074b4467875a8d658b86f18d7a33843 100644
--- a/civicrm/vendor/composer/autoload_real.php
+++ b/civicrm/vendor/composer/autoload_real.php
@@ -2,7 +2,7 @@
// autoload_real.php @generated by Composer
-class ComposerAutoloaderInit0a6d5998695b3b88d8c91af1ab91d6ad
+class ComposerAutoloaderInit9f9955bf8d90b6eb142de17e7c9fca9f
{
private static $loader;
@@ -24,9 +24,9 @@ class ComposerAutoloaderInit0a6d5998695b3b88d8c91af1ab91d6ad
require __DIR__ . '/platform_check.php';
- spl_autoload_register(array('ComposerAutoloaderInit0a6d5998695b3b88d8c91af1ab91d6ad', 'loadClassLoader'), true, true);
+ spl_autoload_register(array('ComposerAutoloaderInit9f9955bf8d90b6eb142de17e7c9fca9f', 'loadClassLoader'), true, true);
self::$loader = $loader = new \Composer\Autoload\ClassLoader(\dirname(\dirname(__FILE__)));
- spl_autoload_unregister(array('ComposerAutoloaderInit0a6d5998695b3b88d8c91af1ab91d6ad', 'loadClassLoader'));
+ spl_autoload_unregister(array('ComposerAutoloaderInit9f9955bf8d90b6eb142de17e7c9fca9f', 'loadClassLoader'));
$includePaths = require __DIR__ . '/include_paths.php';
$includePaths[] = get_include_path();
@@ -36,7 +36,7 @@ class ComposerAutoloaderInit0a6d5998695b3b88d8c91af1ab91d6ad
if ($useStaticLoader) {
require __DIR__ . '/autoload_static.php';
- call_user_func(\Composer\Autoload\ComposerStaticInit0a6d5998695b3b88d8c91af1ab91d6ad::getInitializer($loader));
+ call_user_func(\Composer\Autoload\ComposerStaticInit9f9955bf8d90b6eb142de17e7c9fca9f::getInitializer($loader));
} else {
$map = require __DIR__ . '/autoload_namespaces.php';
foreach ($map as $namespace => $path) {
@@ -57,12 +57,12 @@ class ComposerAutoloaderInit0a6d5998695b3b88d8c91af1ab91d6ad
$loader->register(true);
if ($useStaticLoader) {
- $includeFiles = Composer\Autoload\ComposerStaticInit0a6d5998695b3b88d8c91af1ab91d6ad::$files;
+ $includeFiles = Composer\Autoload\ComposerStaticInit9f9955bf8d90b6eb142de17e7c9fca9f::$files;
} else {
$includeFiles = require __DIR__ . '/autoload_files.php';
}
foreach ($includeFiles as $fileIdentifier => $file) {
- composerRequire0a6d5998695b3b88d8c91af1ab91d6ad($fileIdentifier, $file);
+ composerRequire9f9955bf8d90b6eb142de17e7c9fca9f($fileIdentifier, $file);
}
return $loader;
@@ -74,7 +74,7 @@ class ComposerAutoloaderInit0a6d5998695b3b88d8c91af1ab91d6ad
* @param string $file
* @return void
*/
-function composerRequire0a6d5998695b3b88d8c91af1ab91d6ad($fileIdentifier, $file)
+function composerRequire9f9955bf8d90b6eb142de17e7c9fca9f($fileIdentifier, $file)
{
if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
$GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
diff --git a/civicrm/vendor/composer/autoload_static.php b/civicrm/vendor/composer/autoload_static.php
index 252be81cf2db57008b233a5b1ca078da0dfe3b39..fa4028dd78210fc0b19f49377767e4f198e3e2c5 100644
--- a/civicrm/vendor/composer/autoload_static.php
+++ b/civicrm/vendor/composer/autoload_static.php
@@ -4,7 +4,7 @@
namespace Composer\Autoload;
-class ComposerStaticInit0a6d5998695b3b88d8c91af1ab91d6ad
+class ComposerStaticInit9f9955bf8d90b6eb142de17e7c9fca9f
{
public static $files = array (
'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php',
@@ -738,11 +738,11 @@ class ComposerStaticInit0a6d5998695b3b88d8c91af1ab91d6ad
public static function getInitializer(ClassLoader $loader)
{
return \Closure::bind(function () use ($loader) {
- $loader->prefixLengthsPsr4 = ComposerStaticInit0a6d5998695b3b88d8c91af1ab91d6ad::$prefixLengthsPsr4;
- $loader->prefixDirsPsr4 = ComposerStaticInit0a6d5998695b3b88d8c91af1ab91d6ad::$prefixDirsPsr4;
- $loader->prefixesPsr0 = ComposerStaticInit0a6d5998695b3b88d8c91af1ab91d6ad::$prefixesPsr0;
- $loader->fallbackDirsPsr0 = ComposerStaticInit0a6d5998695b3b88d8c91af1ab91d6ad::$fallbackDirsPsr0;
- $loader->classMap = ComposerStaticInit0a6d5998695b3b88d8c91af1ab91d6ad::$classMap;
+ $loader->prefixLengthsPsr4 = ComposerStaticInit9f9955bf8d90b6eb142de17e7c9fca9f::$prefixLengthsPsr4;
+ $loader->prefixDirsPsr4 = ComposerStaticInit9f9955bf8d90b6eb142de17e7c9fca9f::$prefixDirsPsr4;
+ $loader->prefixesPsr0 = ComposerStaticInit9f9955bf8d90b6eb142de17e7c9fca9f::$prefixesPsr0;
+ $loader->fallbackDirsPsr0 = ComposerStaticInit9f9955bf8d90b6eb142de17e7c9fca9f::$fallbackDirsPsr0;
+ $loader->classMap = ComposerStaticInit9f9955bf8d90b6eb142de17e7c9fca9f::$classMap;
}, null, ClassLoader::class);
}
diff --git a/civicrm/vendor/composer/include_paths.php b/civicrm/vendor/composer/include_paths.php
index 189ce0e9b6cf55031ce76c58174cb9f3eb050687..06cf2843ee439212db0953b251eb0a3d769e64ee 100644
--- a/civicrm/vendor/composer/include_paths.php
+++ b/civicrm/vendor/composer/include_paths.php
@@ -12,9 +12,9 @@ return array(
$vendorDir . '/pear/console_getopt',
$vendorDir . '/pear/pear-core-minimal/src',
$vendorDir . '/pear/db',
- $vendorDir . '/pear/log',
$vendorDir . '/pear/mail',
$vendorDir . '/pear/mail_mime',
+ $vendorDir . '/pear/log',
$vendorDir . '/pear/net_socket',
$vendorDir . '/pear/net_smtp',
$vendorDir . '/pear/validate_finance_creditcard',
diff --git a/civicrm/vendor/composer/installed.json b/civicrm/vendor/composer/installed.json
index d391cf0e346c4db036573f68153fa2dae1964e9d..a193a2405db643935c04cedd74577cd4c2388583 100644
--- a/civicrm/vendor/composer/installed.json
+++ b/civicrm/vendor/composer/installed.json
@@ -644,17 +644,17 @@
},
{
"name": "dompdf/dompdf",
- "version": "v2.0.2",
- "version_normalized": "2.0.2.0",
+ "version": "v2.0.3",
+ "version_normalized": "2.0.3.0",
"source": {
"type": "git",
"url": "https://github.com/dompdf/dompdf.git",
- "reference": "ad4c631bf8897fc1ca7b566468a969cfd71a558a"
+ "reference": "e8d2d5e37e8b0b30f0732a011295ab80680d7e85"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/dompdf/dompdf/zipball/ad4c631bf8897fc1ca7b566468a969cfd71a558a",
- "reference": "ad4c631bf8897fc1ca7b566468a969cfd71a558a",
+ "url": "https://api.github.com/repos/dompdf/dompdf/zipball/e8d2d5e37e8b0b30f0732a011295ab80680d7e85",
+ "reference": "e8d2d5e37e8b0b30f0732a011295ab80680d7e85",
"shasum": ""
},
"require": {
@@ -678,7 +678,7 @@
"ext-imagick": "Improves image processing performance",
"ext-zlib": "Needed for pdf stream compression"
},
- "time": "2023-01-31T13:30:40+00:00",
+ "time": "2023-02-07T12:51:48+00:00",
"type": "library",
"installation-source": "dist",
"autoload": {
@@ -703,7 +703,7 @@
"homepage": "https://github.com/dompdf/dompdf",
"support": {
"issues": "https://github.com/dompdf/dompdf/issues",
- "source": "https://github.com/dompdf/dompdf/tree/v2.0.2"
+ "source": "https://github.com/dompdf/dompdf/tree/v2.0.3"
},
"install-path": "../dompdf/dompdf"
},
diff --git a/civicrm/vendor/composer/installed.php b/civicrm/vendor/composer/installed.php
index fa86928f8c659582a1c8524617db4c75db98334d..906722d6a15a0905786114f2643c813fa09d3c32 100644
--- a/civicrm/vendor/composer/installed.php
+++ b/civicrm/vendor/composer/installed.php
@@ -5,7 +5,7 @@
'type' => 'library',
'install_path' => __DIR__ . '/../../',
'aliases' => array(),
- 'reference' => 'cd24acea9d5cf85df3b0fe54fc5cadfcf60a8cef',
+ 'reference' => '755314ae9e46286a587e1138a15b92aaaa0278a1',
'name' => 'civicrm/civicrm-core',
'dev' => true,
),
@@ -61,7 +61,7 @@
'type' => 'library',
'install_path' => __DIR__ . '/../../',
'aliases' => array(),
- 'reference' => 'cd24acea9d5cf85df3b0fe54fc5cadfcf60a8cef',
+ 'reference' => '755314ae9e46286a587e1138a15b92aaaa0278a1',
'dev_requirement' => false,
),
'civicrm/civicrm-cxn-rpc' => array(
@@ -119,12 +119,12 @@
'dev_requirement' => false,
),
'dompdf/dompdf' => array(
- 'pretty_version' => 'v2.0.2',
- 'version' => '2.0.2.0',
+ 'pretty_version' => 'v2.0.3',
+ 'version' => '2.0.3.0',
'type' => 'library',
'install_path' => __DIR__ . '/../dompdf/dompdf',
'aliases' => array(),
- 'reference' => 'ad4c631bf8897fc1ca7b566468a969cfd71a558a',
+ 'reference' => 'e8d2d5e37e8b0b30f0732a011295ab80680d7e85',
'dev_requirement' => false,
),
'ezyang/htmlpurifier' => array(
diff --git a/civicrm/vendor/dompdf/dompdf/VERSION b/civicrm/vendor/dompdf/dompdf/VERSION
index e9307ca5751b252b31c533d41f61df140d3f7537..50ffc5aa7f69fa0ffc74a36d81ac05273e116308 100644
--- a/civicrm/vendor/dompdf/dompdf/VERSION
+++ b/civicrm/vendor/dompdf/dompdf/VERSION
@@ -1 +1 @@
-2.0.2
+2.0.3
diff --git a/civicrm/vendor/dompdf/dompdf/src/Image/Cache.php b/civicrm/vendor/dompdf/dompdf/src/Image/Cache.php
index 6141cb503a944cfe6c5327fe5440a8305a89d3ff..8e36aa2b7cb55b5eb8e6d31569605c0f5f73258d 100644
--- a/civicrm/vendor/dompdf/dompdf/src/Image/Cache.php
+++ b/civicrm/vendor/dompdf/dompdf/src/Image/Cache.php
@@ -135,15 +135,19 @@ class Cache
function ($parser, $name, $attributes) use ($options, $parsed_url, $full_url) {
if (strtolower($name) === "image") {
$attributes = array_change_key_case($attributes, CASE_LOWER);
- $url = $attributes["xlink:href"] ?? $attributes["href"];
- if (!empty($url)) {
- $inner_full_url = Helpers::build_url($parsed_url["protocol"], $parsed_url["host"], $parsed_url["path"], $url);
- if ($inner_full_url === $full_url) {
- throw new ImageException("SVG self-reference is not allowed", E_WARNING);
- }
- [$resolved_url, $type, $message] = self::resolve_url($url, $parsed_url["protocol"], $parsed_url["host"], $parsed_url["path"], $options);
- if (!empty($message)) {
- throw new ImageException("This SVG document references a restricted resource. $message", E_WARNING);
+ $urls = [];
+ $urls[] = $attributes["xlink:href"] ?? "";
+ $urls[] = $attributes["href"] ?? "";
+ foreach ($urls as $url) {
+ if (!empty($url)) {
+ $inner_full_url = Helpers::build_url($parsed_url["protocol"], $parsed_url["host"], $parsed_url["path"], $url);
+ if ($inner_full_url === $full_url) {
+ throw new ImageException("SVG self-reference is not allowed", E_WARNING);
+ }
+ [$resolved_url, $type, $message] = self::resolve_url($url, $parsed_url["protocol"], $parsed_url["host"], $parsed_url["path"], $options);
+ if (!empty($message)) {
+ throw new ImageException("This SVG document references a restricted resource. $message", E_WARNING);
+ }
}
}
}
@@ -156,6 +160,7 @@ class Cache
xml_parse($parser, $line, false);
}
fclose($fp);
+ xml_parse($parser, "", true);
}
xml_parser_free($parser);
}
diff --git a/civicrm/xml/version.xml b/civicrm/xml/version.xml
index 06550a834cae70ceb3334063e8d40873841486a0..679fb654b1d71d17c06bb18dd575873f23cad723 100644
--- a/civicrm/xml/version.xml
+++ b/civicrm/xml/version.xml
@@ -1,4 +1,4 @@
<?xml version="1.0" encoding="iso-8859-1" ?>
<version>
- <version_no>5.58.0</version_no>
+ <version_no>5.58.1</version_no>
</version>
diff --git a/includes/admin-metaboxes/civicrm.metabox.contact.add.php b/includes/admin-metaboxes/civicrm.metabox.contact.add.php
index 0bb9a21c26c6f27cbde010aee167632c48bfecc3..4bb01d48cf150a11aaebecac563ab88ae236f0d5 100644
--- a/includes/admin-metaboxes/civicrm.metabox.contact.add.php
+++ b/includes/admin-metaboxes/civicrm.metabox.contact.add.php
@@ -222,7 +222,11 @@ class CiviCRM_For_WordPress_Admin_Metabox_Contact_Add {
// Check our session for data.
$session = CRM_Core_Session::singleton();
$recents = $session->get('quick_add_recents');
-
+ if (!empty($recents) && is_array($recents)) {
+ foreach ($recents as $key => $value) {
+ $recents[$key] = CRM_Utils_String::purifyHtml($value);
+ }
+ }
// Maybe add a class to the "Recently Added" wrapper.
$visiblity_class = '';
if (!empty($recents)) {
@@ -351,7 +355,7 @@ class CiviCRM_For_WordPress_Admin_Metabox_Contact_Add {
// Construct list item containing link to "View Contact" screen.
$url = $this->civi->admin->get_admin_link('civicrm/contact/view', 'reset=1&cid=' . $contact['id']);
- $link = '<li><a href="' . $url . '" target="_blank">' . $contact['display_name'] . '</a></li>';
+ $link = CRM_Utils_String::purifyHtml('<li><a href="' . $url . '" target="_blank">' . $contact['display_name'] . '</a></li>');
// Check our session for existing data.
$session = CRM_Core_Session::singleton();
@@ -514,7 +518,7 @@ class CiviCRM_For_WordPress_Admin_Metabox_Contact_Add {
// Construct list item containing link to "View Contact" screen.
$url = $this->civi->admin->get_admin_link('civicrm/contact/view', 'reset=1&cid=' . $contact['id']);
- $link = '<li><a href="' . $url . '" target="_blank">' . $contact['display_name'] . '</a></li>';
+ $link = CRM_Utils_String::purifyHtml('<li><a href="' . $url . '" target="_blank">' . $contact['display_name'] . '</a></li>');
// Check our session for existing data.
$session = CRM_Core_Session::singleton();